Tag: Microsoft

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Windows kernel vulnerability

Cybersecurity Threat Advisory: Critical Windows kernel vulnerability

A pointer dereference weakness was discovered within the Microsoft Kernel Streaming Service that would allow an attacker to escalate their privileges to SYSTEM without any user interaction being required. Review the details in this Cybersecurity Threat Advisory to learn how...

/ December 20, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: CRON#TRAP phishing campaign

Cybersecurity Threat Advisory: CRON#TRAP phishing campaign

A new phishing campaign, identified as CRON#TRAP, are targeting Windows systems with a preloaded Linux virtual machine (VM) to evade detection to conduct malicious acts.  Continue reading this Cybersecurity Threat Advisory to learn how to protect against this phishing campaign....

/ November 6, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Exploited Microsoft zero-day flaw

Cybersecurity Threat Advisory: Exploited Microsoft zero-day flaw

The hacker group Lazarus recently exploited a patched, zero-day flaw in Microsoft Windows. The vulnerability, tracked as CVE-2024-38193 with a CVSS score of 7.8, is a Bring Your Own Vulnerable Driver (BYOVD) vulnerability for Winsock. Continue reading this Cybersecurity Threat...

/ August 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerabilities

Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerabilities

This Cybersecurity Threat Advisory highlights a new attack technique exploiting vulnerabilities in Microsoft Management Console (MMC). By creating malicious management saved console (MSC) files that appear legitimate, attackers can bypass traditional security measures and exploit the targeted MMC. Barracuda MSP...

/ June 26, 2024
Tech Time Warp
Tech Time Warp: The breakthrough against software piracy that wasn’t

Tech Time Warp: The breakthrough against software piracy that wasn’t

In this edition of Tech Time Warp we go back to April 14, 1995, when the Chinese government began widespread efforts to stop its government agencies from using pirated software. The move came after a Feb. 27, 1995, accord agreement...

/ April 19, 2024
Tech Time Warp: Don’t take Windows for granted

Tech Time Warp: Don’t take Windows for granted

When was the last time you thought about how easy Windows makes your life? Seriously, though: Now, the ease with which you move from application to application, use keyboard shortcuts, and even resolve crashes with CTRL+ALT+DEL just feels like functionality...

/ April 5, 2024
Tech Time Warp
Tech Time Warp: Leap years trip us up every time

Tech Time Warp: Leap years trip us up every time

Leap day 2024 was not without its technical complications. For instance, for more than 10 hours Thursday in New Zealand, drivers could not pay via credit card at gas pumps. Such problems are all part of the grand tradition of leap years,...

/ March 1, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerability

Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerability

Microsoft announced that a recently disclosed security flaw had been exploited just one day after it released fixes for the vulnerability. CVE-2024-21410, an Exchange Server vulnerability, with a CVSS score of 9.8, allows threat actors to escalate privileges of the...

/ February 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Increased cyberattacks unveiled

Cybersecurity Threat Advisory: Increased cyberattacks unveiled

This Cybersecurity Threat Advisory looks at a threat actor who is targeting various private sector entities in Israel. Read the recommendations below to implement a layered security approach to protect against these cyberattacks. What is the threat? Microsoft has unveiled...

/ October 25, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Microsoft Sharepoint Server exploit

Cybersecurity Threat Advisory: Microsoft Sharepoint Server exploit

A proof-of-concept exploit code has surfaced on GitHub for a crucial authentication bypass vulnerability in Microsoft SharePoint Server. The exploit allows attackers to escalate privileges in Microsoft SharePoint Servers. Barracuda MSP recommends reviewing this Cybersecurity Threat Advisory in detail to...

/ October 4, 2023